Friday, November 2, 2007

Daily Report

Fox News reports that, according to the survey conducted by the National Aeronautics and Space Administration, a commercial pilot and his first officer were both asleep as they approached their destination. The pilot stated that, in the end, he “landed with no further incidents.” (See items 14)

• The Associated Press reports that the head of the Food and Drug Administration (FDA) was asked to explain his agency’s approach to inspecting drugs domestically and overseas. The House Energy and Commerce subcommittee on oversight and investigations said the FDA’s overwhelming emphasis on domestic inspections and lack of focus on imports place the public at risk, as more and more drugs come from overseas. (See item 24)

Information Technology

34. November 1, Computerworld – (National) Rare Mac Trojan prowling. A Trojan horse targeting Macs, a rare security event, has been spotted on numerous pornographic Web sites, researchers said Wednesday. First reported by Mac security software maker, Intego of Austin, Texas, and later confirmed by Sunbelt Software, McAfee Inc., and the SANS Institute’s Internet Storm Center, “OSX.RSPlug.a” changes the Mac’s DNS (Domain Name System) settings to redirect users to alternate or spoofed sites. “The whole Trojan is relatively simple and works almost exactly the same as its brother for Windows,” said an analyst at Internet Storm Center (ISC) in a warning posted early Thursday. “The bad guys are taking Mac seriously now,” he said, adding that “this is a professional attempt at attacking Mac systems, and they could have been much more damaging.” Sunbelt’s CEO agreed, posting in his blog that “this is the first targeted, real attack on Mac users by a professional malware group.” When users click on a link to watch video on one of the malicious porn sites, a dialog box tells them QuickTime needs to install additional software. “Quicktime Player is unable to play movie file. Please click here to download new version of codec.” Depending on the browser’s settings, the download may mount a disk image and launch an installer automatically. After that, OSX.RSPlug.a silently changes the DNS server the Mac looks to for resolving addresses, and lets the attackers decide which legitimate page requests to silently shunt to URLs of their choosing. Intego’s advisory claims the redirects are to sites crammed with ads for more porn sites, or to phishing sites.

35. October 31, IDG News Service – (National) Microsoft continues its pursuit of software pirates Microsoft Corp. Wednesday broadened its efforts to stop people pirating its products, launching a piracy-related Web site and announcing that it has filed 20 more lawsuits against alleged dealers of counterfeit or pirated software. The new Web site provides information on how users can tell whether software is genuine or not. The site shows examples of suspicious packaging and gives other clues that Microsoft hopes will help users discern whether they are buying deal or fake copies of Windows and other products. For the Web site and more information see:

Communications Sector

36. November 1, The Mercury News – (National) Critics say cell phone system isn’t ready for next big earthquake. In the aftermath of Tuesday’s minor earthquake in Northern California, many cell phone calls failed to get through, while some land lines were briefly spotty. Many of those affected were left trying to determine how they should communicate when the next one hits. Cell phone providers acknowledged brief disruptions in service, but say their systems are not designed to accommodate the dramatic increases in call volume that occurred in the minutes after Tuesday’s 8:04 p.m. Alum Rock quake. In a bigger disaster, cell phone companies say, people should not count on being able to use their cell phones immediately. Yet regulatory advocates question if enough attention is being paid to whether the companies are putting enough resources into the network capacity needed in a disaster. The dilemma isn’t a new one. During the Minnesota bridge collapse earlier this year, some people on the scene said they couldn’t get a connection -- even though cell phone carriers said they tried to move quickly to meet the increased demand. An AT&T spokesman acknowledged that the trouble extended to both the company’s wired and wireless networks, but the disruption among wireless carriers highlighted the extra risks faced by the growing number of people who rely solely on cell phones. Verizon Wireless said customers placed 2.3 million calls in Santa Clara County from 8 to 9 p.m. Tuesday, up from a typical average of 300,000 during that hour. There were no power or network failures, but the activity meant numerous calls failed as “ineffective attempts” because of the congestion. Sprint Nextel declined to give specific numbers but said its wireless call volume increased tenfold in the San Jose area from 8 to 9 p.m., with the number of blocked calls rising about sevenfold. To keep phone systems working for people in emergency situations, disaster-preparedness organizations and the wireless carriers urge customers to avoid making unnecessary calls. They also suggest utilizing text messages, which can be sent to groups of recipients, take up a much smaller amount of a network’s resources, and free up transmission capacity for urgent calls.

37. November 1, RCR Wireless News – (National) Omnilink combines GPS, cellular for tracking. Location-based services technology provider Omnilink Systems unveiled a GPS-based offering designed to allow law enforcement to track the location of suspects in real-time using both satellites and ground-based cellular networks. The service combines Omnilink’s FocalPoint software and a tracking device housing both a GPS antenna and cellular antenna that allows a person or asset to be tracked even if outside of GPS coverage. Omnilink notes that it has partnership arrangements with both AT&T Mobility and Sprint Nextel Corp. Omnilink notes the service can be implemented using a magnet mount installed on a suspect’s car for vehicle tracking or into the packaging of a product to track its location.